Enable Google SSO
Before starting, please check in the General Settings the Single Sign-On property has been turned on!
Creating a Google API Console project and client ID
For any additional information please refer to the Official Google Documentation here
- Go to the Google Developers Console (https://console.developers.google.com)
- Click on the credentials tab and select or add a new project
- Create a project if you need
- Now you can add the credentials to access the APIs, click "Create credentials" and select "OAuth client ID"
- Configure the consent screen if required
- Provide in the required information in the consent screen form (please refer to the Google Official Documentation for more information)
- Once you complete the consent screen configuration, you can continue to creating credentials
Insert in the authorized URIs field the URI related your Motion server
- Save and get you client credentials
- Enable Google People API: browse the APIs libraries and select the Google People API
Motion server configuration
edit the file /var/opt/motion2/server/config/environment/production.js
and replace the following rows:
google: {
clientID: process.env.GOOGLE_ID || 'id',
clientSecret: process.env.GOOGLE_SECRET || 'secret',
callbackURL: (process.env.DOMAIN || 'https://YOUR_MOTION_IP') + '/api/auth/google/callback'
}
with the Google application ID, example:
google: {
clientID: process.env.GOOGLE_ID || '1234567890-abcdefghijklmnopqrstuvwxyz.apps.googleusercontent.com',
clientSecret: process.env.GOOGLE_SECRET || 'abc-123456abcdefghijklmn',
callbackURL: (process.env.DOMAIN || 'https://pbx2.xcally.com') + '/api/auth/google/callback'
}
restart the motion service to apply the change
su motion pm2 restart motion2
User authentication
In order to use the Google SSO, the XCALLY users must have the proper Google account set as "email" in the Motion Staff section.
If they are already logged into the Chrome browser, they need just to click onÂ
Otherwise, Google will ask them the account credentials
